DETAILED ACTION

1. Claims 1-26 are pending.

2. The Information Disclosure Statement respectfully submitted on 06 October 2003 
has been considered by the Examiner. 

Claim Rejections - 35 USC § 102 

1. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section
351(a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 

2. Claims 1-6, 19-22, and 26 are rejected under 35 U.S.C. 102(e) as being
anticipated by Touboul (U.S. Patent No. 6,480,962). As per claim 1, Touboul discloses
an intrusion secure computer system comprising: a CPU, a data storage means, a
memory means, an operating system, a virtual machine operating system, and at least
one I/O connection in operative communication with a data source in Column 3, lines
9-40.

As per claim 2, Touboul discloses the claimed limitation wherein the data source is a 
global computer network in Column 2, lines 61-64. 

As per claim 3, Touboul discloses the claimed limitation wherein the data source is 
other than a global computer network in Column 4, lines 19-29. 

As per claim 4, Touboul discloses the claimed limitation wherein the data source is
other than a global computer network is at least one data source selected from the
group consisting of: a computer workstation, a personal-type computer, a computer
dock, a local area network, an intranet, and a wide area network in Column 2, lines
61-67, Column 3, lines 1-3.

As per claim 5, Touboul discloses the claimed limitation wherein the virtual machine 
operating system comprises software for defining a virtual machine environment in 
memory and a virtual drive in storage, and operational control software limiting 
operative communication with the data source to the virtual machine environment and 
the virtual machine drive in Column 3, lines 52-63. 

As per claims 6 and 26, Touboul discloses a method for securing a computer system 
from intrusion from an external data source comprising the steps of: providing an 
intrusion secure computer system of claim 1, initiating an external data source interface
session, and causing activation of a virtual machine operating system of claim 1, and
defining a virtual machine environment in memory and a virtual drive in storage, and 
establishing connectivity with the external data source under control of the virtual 
machine operating system to isolate operative communication with the external data 
source to the virtual machine environment and the virtual drive to secure the computer 
system from intrusion from the external data source in Column 3, lines 52-67, Column 4, 
lines 1-49. 

As per claim 19, Touboul discloses the claimed limitation wherein the isolated operating
environment computer code includes code checking and setting the isolated operating 
environment runtime requirements in Column 3, lines 4-8. 

As per claim 20, Touboul discloses the claimed limitation wherein the isolated operating 
environment computer code includes code checking and setting the isolated operating 
environment runtime requirements to provide at least two run modes in Column 3, lines 
40-50. 

As per claim 21, Touboul discloses the claimed limitation wherein the isolated operating 
environment computer code includes code checking and setting the isolated operating 
environment runtime requirements to provide at a run mode with inet access and a run 
mode without inet access in Column 5, lines 50-60, Column 6, lines 33-48. 

As per claim 22, Touboul discloses the claimed limitation wherein the isolated operating
environment computer code includes code checking and setting the isolated operating 
environment exit requirements in Column 4, lines 50-67, Column 5, lines 1-2. 

Claim Rejections - 35 USC § 103 

3. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

4. Claims 7-18, 23-25 are rejected under 35 U.S.C. 103(a) as being unpatentable
over Touboul in view of White et al. (U.S. Patent No. 6,526,488). As per claim 1, 
Touboul discloses the invention as claimed above. However, Touboul does not explicitly 
disclose controlling access to corrupt information on a computer system caused by a
PC virus. As per claim 7, White et al. discloses a software application installable on a
personal computer, the software protecting the computer's primary data files from being
accessed by malicious code from an external data source, the software comprising:
computer code for an isolated operating environment, and computer code for a
secondary operating system functional within the isolated operating environment in 
Column 9, lines 11-31. 

As per claim 8, White et al. discloses the claimed limitation wherein the isolated 
operating environment computer code includes POS permission code for modifying the 
POS permissions in Column 9, lines 1-6. 

As per claim 9, White et al. discloses the claimed limitation wherein the secondary
operating system computer code includes POS permission code for modifying POS
external data source related access permissions in Column 9, lines 7-9.

As per claim 10, White et al. discloses the claimed limitation wherein the external data
source is at least one source selected from the group consisting of a network node, an
external node, and an I/O device in Column 10, lines 24-49.

As per claim 11, White et al. discloses the claimed limitation wherein the secondary
operating system computer code includes POS permission code for modifying POS
internet related permissions in Column 10, lines 41-49.

As per claim 12, White et al. discloses the claimed limitation wherein the secondary 
operating system computer code includes POS permission code for modifying POS Inet 
permissions in Column 6, lines 54-67, Column 7, lines 1-24. 

As per claims 13 and 24, White et al. discloses the claimed limitation wherein the
isolated operating environment computer code includes installation code for checking
and setting the isolated operating environment in Column 7, lines 62-67.

As per claim 14, White et al. discloses the claimed limitation wherein the installation
code checks for the current installation condition of the software application in Column
7, lines 24-35.

As per claim 15, White et al. discloses the claimed limitation wherein the installation
code copies any files from the software application as are necessary in view of the
check for current installation condition of the software application in Column 7, lines
52-59.

As per claim 16, White et al. discloses the claimed limitation wherein the installation
code establishes short-cuts as are necessary in view of the check for current installation
condition of the software application in Column 7, lines 36-51.

As per claim 17, White et al. discloses the claimed limitation wherein the isolated
operating environment computer code includes code checking and setting the isolated
operating environment start up requirements in Column 7, lines 6-15.

As per claims 18 and 25, White et al. discloses the claimed limitation wherein the
isolated operating environment computer code includes code checking and setting the
isolated operating environment start up requirements regarding "freshness" of the SOE
files, allocation of volatile memory to the SOE, allocation of data storage to the SOE,
READ ONLY condition of the primary operating system partitions and connections, state
of intranet activity, READ ONLY condition of user access to primary operating system
partitions in Column 9, lines 32-67, Column 10, lines 1-20.

As per claim 23, White et al. discloses the claimed limitation wherein the isolated
operating environment computer code includes code checking and setting the isolated
operating environment exit requirements includes disconnecting (the SOE) from the
inet, closing the node interface, freeing the SOE volatile memory allocation, flush the
temporary data storage allocation, disconnect from any SOE files and partitions, refresh
SOE boot file, and restore intranet connection in Column 8, lines 5-67.

Therefore it would have been obvious to a person having ordinary skill in the art at the
time the invention was made to modify Touboul's intrusion system by combining
White's method for controlling access and setting permissions preventing a PC virus.
Motivation for such an implementation would enable the user to determine if a security
violation existed prior to the virus which exists within the software applications.

Conclusion 

5. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. Fischman et al. (US Pub No. 2003/0097588) discloses a method 
and system for modeling analysis and display of network security events. 

Any inquiry concerning this communication or earlier communications from the
examiner should be directed to Courtney D. Fields whose telephone number is
571-272-3871. The examiner can normally be reached on Mon - Thurs. 6:00 - 4:00 pm; off
every Friday.

If attempts to reach the examiner by telephone are unsuccessful, the examiner's
supervisor, Andrew Caldwell can be reached on 571-272-3868. The fax phone number 
for the organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 